
Commit 7d90e51

committed
fix: vulnerabilità minori
1 parent 0b22f38 commit 7d90e51

5 files changed

Lines changed: 16 additions & 10 deletions


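--- a/actions.php
+++ b/actions.php
@@ -338,7 +338,8 @@
 
 // Gestione ordine per le checklist
 elseif (filter('op') == 'ordina-checks') {
-$ids = explode(',', $_POST['order']);
+$order_data = post('order', true);
+$ids = $order_data ? explode(',', $order_data) : [];
 $order = 0;
 
 foreach ($ids as $id) {
@@ -365,8 +366,8 @@
 }
 
 // Contenuti
-$mail->subject = $_POST['subject'];
-$mail->content = $_POST['body']; // post('body', true);
+$mail->subject = post('subject');
+$mail->content = post('body', true);
 
 // Conferma di lettura
 $mail->read_notify = post('read_notify');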
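Review bot: The truthiness test on `$order_data` in the first hunk treats the string `"0"` as absent, so an order consisting of the single id 0 would silently produce an empty list; if `post()` returns null or `''` for a missing field, test for that explicitly: `$ids = ($order_data !== null && $order_data !== '') ? explode(',', $order_data) : [];`. The exploded values are still plain strings when they reach the `foreach`, whose body lies outside the hunk; if they are numeric ids, narrowing them here (e.g. `array_map(intval(...), ...)`) would keep whatever query follows from depending on the helper's filtering. In the second hunk the subject is read with `post('subject')` while the body uses `post('body', true)`; the meaning of the second argument is not visible in this diff, so a one-line comment on the body line explaining why it is read differently would help the next reader.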

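--- a/include/init/configuration.php
+++ b/include/init/configuration.php
@@ -155,7 +155,10 @@
 // Laravel non è inizializzato in questo contesto
 // use Illuminate\Support\Facades\Artisan;
 // Artisan::call('key:generate');
-shell_exec('php artisan key:generate');
+$artisan_path = escapeshellcmd('php');
+$artisan_cmd = escapeshellarg('artisan');
+$key_generate_cmd = escapeshellarg('key:generate');
+shell_exec($artisan_path.' '.$artisan_cmd.' '.$key_generate_cmd);
 
 if (!$creation) {
 echo '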
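Review bot: Passing the constant strings `'php'`, `'artisan'` and `'key:generate'` through escapeshellcmd()/escapeshellarg() does not change what the shell receives, since none of them contains a metacharacter, so the new lines add no protection over the removed one. What remains uncontrolled is that `php` is resolved through the web server's PATH and `artisan` relative to the current working directory; resolving both to absolute paths (an explicitly configured interpreter path, and the artisan script located relative to `__DIR__`) would remove that dependency. shell_exec() returns null on failure and its result is discarded, so a failed generation of the application key is silent here; capturing the return value and reporting an error would be worth it. As a naming point, `$artisan_path` actually holds the interpreter, so `$php_bin` would describe it more accurately.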

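--- a/modules/contratti/row-list.php
+++ b/modules/contratti/row-list.php
@@ -786,7 +786,7 @@ function apriDocumenti(div) {
 
 function modificaIvaRighe(righe) {
 if (righe.length > 0) {
-openModal("'.tr('Modifica IVA').'", "'.$module->fileurl('modals/modifica_iva.php').'?id_module=" + globals.id_module + "&id_record=" + globals.id_record + "&righe=" + righe.join(','));
+openModal("'.tr('Modifica IVA').'", globals.rootdir + "/include/modifica_iva.php?id_module=" + globals.id_module + "&id_record=" + globals.id_record + "&tipo_documento=contratti&righe=" + righe.join(','));
 }
 }
 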
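Review bot: The rewritten openModal() URL still concatenates `righe.join(',')` and the `globals.*` values straight into the query string without encoding, so a value containing `&` or `#` would truncate or corrupt the request; `"&righe=" + encodeURIComponent(righe.join(','))` keeps the parameter intact. The new `tipo_documento=contratti` parameter is now what tells the shared `include/modifica_iva.php` which document type it is handling, instead of that being implied by the module path; that script is outside this diff, so it is worth confirming it accepts only a known set of values for this parameter. This JavaScript is emitted from inside a PHP string whose opening echo starts before the hunk.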

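--- a/oauth2_login.php
+++ b/oauth2_login.php
@@ -24,8 +24,8 @@
 include_once __DIR__.'/core.php';
 
 // Authorization information
-$state = $_GET['state'];
-$code = $_GET['code'];
+$state = get('state');
+$code = get('code');
 
 // Account individuato via state
 if (!empty($state)) {
@@ -70,6 +70,6 @@
 
 exit;
 }
-echo strip_tags($_GET['error']).'<br>'.strip_tags($_GET['error_description']).'
+echo strip_tags(get('error')).'<br>'.strip_tags(get('error_description')).'
 <br><br>
 <a href="'.$redirect.'">'.tr('Riprova').'</a>';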
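Review bot: The reflected `error` and `error_description` query parameters in the second hunk are still written into the page through strip_tags(), which removes tags but is not an HTML encoder: `&`, quotes and broken tag fragments pass through unchanged, and a stripped tag can leave the surrounding text in an unexpected shape. Since these values land in a text node of HTML output, `htmlspecialchars((string) get('error'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` (and the same for the description) is the context-appropriate escape. Whether get() already applies such encoding is not visible in this diff; if it does, a short comment on the echo line saying so would stop this from being re-raised. The if/else this echo belongs to begins outside the hunk, as does the definition of `$redirect`.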

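--- a/src/Util/XML.php
+++ b/src/Util/XML.php
@@ -96,13 +96,15 @@ public static function decodeP7M($file)
 $output_file = $directory.'/'.basename($file, '.p7m');
 
 // Validate that file path doesn't contain shell metacharacters
-if (preg_match('/[;&|`$(){}\\[\\]<>]/', $file)) {
+if (preg_match('/[;&|`$(){}\\[\\]<>]/', $file) || preg_match('/[;&|`$(){}\\[\\]<>]/', $output_file)) {
 throw new \Exception('Invalid file path');
 }
 
 try {
 if (function_exists('exec')) {
-exec('openssl smime -verify -noverify -in "'.$file.'" -inform DER -out "'.$output_file.'"', $output, $cmd);
+$escaped_file = escapeshellarg($file);
+$escaped_output = escapeshellarg($output_file);
+exec('openssl smime -verify -noverify -in '.$escaped_file.' -inform DER -out '.$escaped_output, $output, $cmd);
 
 if (!file_exists($output_file)) {
 $signer = $directory.'/signer';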
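Review bot: With both paths now wrapped in escapeshellarg(), the regex denylist at the top of the hunk is no longer what keeps the exec() call safe, so its comment should say it is defence in depth rather than the primary barrier, e.g. `// Defence in depth only: escapeshellarg() below is what neutralises these paths for the shell`. One caveat worth a comment on the new `$escaped_file`/`$escaped_output` lines is that escapeshellarg() is locale-dependent and may drop bytes it cannot interpret as characters under the process locale, so a path containing non-ASCII characters can be altered before it reaches openssl and the later `file_exists($output_file)` check would then miss the real output; `$output_file` is derived from `basename($file, '.p7m')` and is affected the same way. decodeP7M() starts before the hunk and the rest of its body, including the signer handling, continues after it.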
